[PATCH] D10356: scan-build: Add --analyzer-target option
Honggyu Kim
hong.gyu.kim at lge.com
Tue Aug 4 06:06:22 PDT 2015
honggyu.kim added a comment.
Here's one more example.
$ cat -n test.c
1 int main(int argc, char** argv) {
2 int a;
3 #if __arm__
4 int *p = 0;
5 if (argc == 3)
6 a = *p;
7 #endif
8 return a;
9 }
If we cross compile this code with the following command:
$ scan-build --use-cc=arm-linux-gnueabi-gcc arm-linux-gnueabi-gcc test.c
scan-build: Using '/home/hong.gyu.kim/usr/bin/clang' for static analysis
test.c:8:3: warning: Undefined or garbage value returned to caller
return a;
^~~~~~~~
1 warning generated.
scan-build: 1 bug found.
scan-build: Run 'scan-view /tmp/scan-build-2015-08-04-215933-29482-1' to examine bug reports.
I detected a bug but in #if __arm__ region, null point dereference can happen and there's no way to detect it with current scan-build implementation.
With --analyzer-target option, we can detect those target dependent code region properly as below:
$ scan-build --analyzer-target=arm --use-cc=arm-linux-gnueabi-gcc arm-linux-gnueabi-gcc test.c
scan-build: Using '/home/hong.gyu.kim/usr/bin/clang' for static analysis
test.c:6:9: warning: Dereference of null pointer (loaded from variable 'p')
a = *p;
^~
test.c:8:3: warning: Undefined or garbage value returned to caller
return a;
^~~~~~~~
2 warnings generated.
scan-build: 2 bugs found.
scan-build: Run 'scan-view /tmp/scan-build-2015-08-04-215948-29652-1' to examine bug reports.
Now, "Dereference of null pointer" bug is found.
http://reviews.llvm.org/D10356
More information about the cfe-commits
mailing list